ThreatList: Gift Card-Themed BEC Holiday Scams Spike

Watch out for emails about gift cards and corporate donations, researchers warn.

With cyber threats rampant between Black Friday and Christmas, security experts are warning of a wave of business-style email scams, designed to appeal to holiday shoppers, hitting inboxes.

Attacks involve scam messages purporting to be gift card deals or links to corporate donations. According to researchers at Proofpoint, the style, technique and nature of the email scams follow the pattern of what are known as business email compromise (BEC) scams. Instead of tricking targets with fake invoices, holiday-themed BEC emails entice victims to click on malware-laced gift-card offers or to donate to a fake charitable cause along with other corporate coworkers.

“While this emerging technique only represents a small fraction of overall email fraud, we also identified rapid quarter-over-quarter growth this year in email fraud scams related to gift cards and, in many cases, corporate donations,” according to Proofpoint researchers, who issued a report on such attacks earlier this week.

Email fraud scams related to gift cards and corporate donations have shot up: while they were virtually non-existent in the first quarter of 2018, by the second quarter they represented more than 10 percent of total email fraud. This share has now grown to almost 16 percent of all email fraud scams in the holiday quarter, and is still growing.

“As with most types of email fraud, threat actors targeted companies of all sizes and in all industries,” researchers said. “There was no correlation between company characteristics and the likelihood of being targeted by gift card BEC scams.”

Gift-card related scams represent just one threat of many this season. Also of concern are BEC-style email attacks delivering malware that targets point-of-sale systems, and phishing scams perpetrated via social media.

For instance, researchers reported a spate of Black Friday-themed email spam, often taking advantage of recipients’ desire to cash in on increasingly attractive deals. These emails created tempting clickbait for users or contained enticing messages with attachments that delivered malware, not holiday cheer.

The threat actors who regularly distribute the Emotet banking trojan, for example, sent a barrage of Thanksgiving-, Black Friday-, and Cyber Monday-themed malicious spam over the last two weeks.

An uptick in point-of-sale malware has also traditionally been observed during the holiday season, and this year is no different. Researchers are also warning of an uptick in the distribution of the banking trojan malware families Betabot, Panda, Gozi, Zeus, Chthonic, TinyNuke, Gootkit2, IcedID and SpyEye.

For businesses, researchers warn they are seeing an uptick in point-of-sale (POS) malware, including FindPOS, ZeusPOS, MagikPOS and NewPosThings. FindPOS has continued unabated as the most common malware strain targeting POS devices. In 2018, POS malware activity has generally remained fairly steady, they said.

“Getting POS malware onto even a small number of terminals allows threat actors to scrape credit card data, which can then be used for fraudulent transactions,” researchers said.

A final trend that online shoppers need to be wary of is a new cyberthreat called “angler phishing.”

With several consumers interacting with support for retail brands via social media, such as Twitter and Facebook, cybercriminals are inserting themselves into public post comments or interactions and scamming users into handing over their payment data or other information.

With “angler phishing” up a whopping 486 percent over this time last year, researchers urge consumers to “ensure that they are actually interacting with legitimate brands and verified accounts.”

“Although the holidays generally bring a range of online threats from actors looking to take advantage of the ‘human factor’ — human vulnerabilities of curiosity and fallibility rather than software exploits — the 2018 holiday season is accompanied by new threats as well as old standbys,” the researchers said. “Gift card email fraud scams have taken off just in time for the holidays while a larger number of established actors are distributing malware on bank holidays that were relatively quiet in years past.”

Authors

Threatpost
